A smartphone can feel like a ticking time bomb to IT security pros. With the BYOD trend now well established in the workplace, and employees less vigilant about avoiding malicious links, the chances for trouble remain high.

But when your personal and professional lives intersect on your phone -- the same one that often includes confidential corporate data and email -- it's inevitable that someone will stumble onto malware. Chris Crowley, an instructor at the SANS Institute, offers a rundown of the top mobile security threats today and what can be done to head them off.

1. Untrustworthy devices. A device itself may be faulty or maliciously configured within the supply chain, resulting in a violation of CIA (confidentiality, integrity, availability), he said. One example: Check Point earlier this year found an infection of 36 Android devices at a large telecommunications company. In each case, the breach was not caused by the user, but by malware already on the phone when the employee took it out of the box.

“According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain,” Check Point wrote on its blog.

2. Malicious apps. Installed applications that claim to perform one task, but actually do something else, represent a hard-to-spot vulnerability.

Check Point found malware on Google Play last month, for instance. Called “Judy,” it's an auto-clicking adware developed by a Korean company. “The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads,” Check Point wrote.

Palo Alto also found Apple iOS malware in 2015. YiSpecter was the first malware the security company had seen that abuses private APIs in the iOS ecosystem to implement malicious functionalities, Palo Alto noted.

3. Useful apps with unwanted information leakage. Many applications installed for legitimate uses can still result in misappropriation of information, such as the extraction of contacts from the telephone, Crowley said.

One such trojan, Faketoken, is designed primarily to generate fake login screens for more than 2,000 financial applications in order to steal login credentials. The malicious app also displays phishing pages to steal credit card information -- and it can read and send text messages.

Alarmingly, Faketoken's creators added the ability to encrypt user files stored on a phone's SD card sometime in July, and have released thousands of builds with this functionality, according to researchers from Kaspersky Lab.

5. Ransomware. In the first quarter of 2017, ransomware was the most popular type of malware in the U.S. Ransomware blocks a device (or desktop computer) by imposing its demand-for-payment window over all other windows, including system windows. It then demands money to unblock the device. Ransomware comes in a variety of forms, most recently as the WannaCry malware, which attacked Windows desktop systems.

The evolution of ransomware is heading toward what's being called ransomworms. That's basically ransomware attached to a network worm.

“After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach,” said Corey Nachreiner, CTO at WatchGuard Technologies. “Whether or not you want to imagine such a scenario, I guarantee that cybercriminals are already thinking about it.”

Top 7 common sense mobile device security steps

SANS Institute's recommendations on how to harden your device:

Enforce device passcode authentication

Monitor mobile device access and use

Patch mobile devices quickly

Prohibit unapproved third-party application stores

Control physical access to devices

Evaluate application security compliance

Have in place an incident response plan for lost or stolen mobile devices

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.